Support LDAP auth

[matthewmrichter]

My vault is hooked up to LDAP auth backend. I'd love to use it to authenticate. Would really make life a breeze for our operators.

Just discovering this project and haven't actually deployed it yet so forgive me if this is underway already. I may be able to find some bandwidth to help with this issue as well.

[matthewmrichter]

I see PR #15 is open now that I poke a little. Happy to help test that.

[nyxcharon]

@matthewmrichter If you could test that branch it would be appreciated. I don't have a easy way to test ldap auth at the moment so a verification from someone else before merging would be nice.

[matthewmrichter]

Sounds good, I'll give it a try shortly and report back.

[matthewmrichter]

Checked out your fork, switchd to that branch and built it. Tried running docker run -it -p 80:80 -e VAULT_ADDR='https://my.vault.com' -e AUTH_BACKEND=ldap vault-ui with my AD username/pwd.

I got You could not be logged in with the given username/password combo. Docker console showing: [pid: 15|app: 0|req: 1/1] 172.17.0.1 () {42 vars in 672 bytes} [Wed Oct 12 19:41:10 2016] GET / => generated 281 bytes in 3 msecs (HTTP/1.1 302) 3 headers in 148 bytes (1 switches on core 0) [pid: 24|app: 0|req: 1/2] 172.17.0.1 () {42 vars in 743 bytes} [Wed Oct 12 19:41:10 2016] GET /login?next=http%3A%2F%2Flocalhost%2F => generated 1790 bytes in 20 msecs (HTTP/1.1 200) 2 headers in 81 bytes (1 switches on core 0) error logging in [pid: 25|app: 0|req: 1/3] 172.17.0.1 () {52 vars in 983 bytes} [Wed Oct 12 19:41:19 2016] POST /login?next=http%3A%2F%2Flocalhost%2F => generated 1934 bytes in 2912 msecs (HTTP/1.1 200) 2 headers in 81 bytes (1 switches on core 0)

Am I specifying the auth method correctly?

[nyxcharon]

It looks like you just need to uncomment

# VAULT_AUTH_BACKEND = 'ldap'

In settings.py. I'll change this to also support a environment variable soon

[nyxcharon]

The LDAP auth branch was merged in, closing this.